L2TPv3 on a 3900-SPE200/K9
Hi... Im trying to configure a l2tpv3 tunnel between a ASR1001 and a C3925. Im not able to find the way to activate te command pseudowire-class on the 3925. I try installing a license for security and data, but still nothing... Any clues?
Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.2(4)M4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Thu 20-Jun-13 14:38 by prod_rel_team
ROM: System Bootstrap, Version 15.1(1r)T5, RELEASE SOFTWARE (fc1)
TEST-OSPF uptime is 23 hours, 43 minutes
System returned to ROM by reload at 14:55:47 UTC Thu Mar 26 2015
System image file is "flash0:c3900e-universalk9-mz.SPA.152-4.M4.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO3925-CHASSIS (revision 1.0) with C3900-SPE200/K9 with 755712K/292864K bytes of memory.
Processor board ID FTX1740AHUY
4 Gigabit Ethernet interfaces
DRAM configuration is 72 bits wide with parity enabled.
256K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 C3900-SPE200/K9 FOC173466SN
Technology Package License Information for Module:'c3900e'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security None None None
uc None None None
data None None None
Similar Messages
-
Hp deskjet 3900 drivers for windows 7 operating system
I just bought a computer with a windows 7 operating system and have a hp deskjet 3900 printer, can I get this printer to work with the windows 7 system?
This question was solved.
View Solution.Hello diyasher_21,
There is no downloadable Windows 7 driver for your Deskjet 3920 series. This document provides information on how to install a Windows 7 in-OS print driver.
Please let me know if this helps.
Good luck!
↙-----------How do I give Kudos?| How do I mark a post as Solved? ----------------↓ -
Unread email count Is 3900 after upgrade to IOS 8.1.2
AFter upgrading to IOS 8.1.2 my unread email count jumped to 3900 even though there is no email on my phone and none on the server. Is there a way of clearing this count?
Hi, jaff067.
Thank you for visiting Apple Support Communities.
I understand that you have an unread message counter, but your mail account indicates all mail is read. This usually means that you have an additional mail account setup. Check to see if you can access this account or change mailboxes and clear the unread via the steps below.
Write messages
Cheers,
Jason H. -
How to install hp deskjet 3900 in windows 8
Please let me know how to install hp deskjet 3900 in windows 8
Hi, take a look at this HP link.
Please mark the post that solves your issue as "Accept as Solution".
If my answer was helpful click the “Thumbs Up" on the left to say “Thanks”!
I am not a HP employee. -
How can I select several emails from 3900 on my 5c and delete the rest easily
How can I select several emails from 3900 on my 5c and delete the rest easily
We'll I don't think there's a easy way to delete a lot of emails besides deleting all of them. To delete all of them click on inbox them edit then "mark all" then trash/delete. Other than that you will have to specifically deleted the ones you want to delete.
-
IPSec secured L2TPv3 - one way traffic in L2 tunnel
Sigh... after 7 hours battling coming here because I've exhausted all my options to find an answer for my problem.
So here is the topology - standard (boring) IPSec secured L2TPv3 tunnel: on one side - 897 connected to a DSL box, on another side - 1921 with two interfaces.
Purpose to setup a plain L2TPv3 tunnel between those locations so computers plugged into the 897's 8-port switch interface can communicate with number of devices connected to 1921 on other side.
897:
crypto ikev2 keyring key1
peer destination_ip_address
address local_outside_ip_address
pre-shared-key key
crypto ikev2 profile default
match identity remote address 1921_outside_ip_address 255.255.255.255
identity local address 897_outside_ip_address
authentication remote pre-share
authentication local pre-share
keyring local key1
crypto ikev2 dpd 30 3 periodic
controller VDSL 0
ip ssh rsa keypair-name router-key
ip ssh version 2
pseudowire-class DZD
encapsulation l2tpv3
ip local interface Loopback1
ip pmtu
ip dfbit set
ip tos reflect
crypto ipsec transform-set default esp-aes esp-sha-hmac
mode tunnel
crypto ipsec df-bit set
crypto map local 1 ipsec-isakmp
set peer 1921_outside_ip_address
set ikev2-profile default
match address 130
interface Loopback1
ip address 172.16.1.1 255.255.255.255
interface ATM0
no ip address
no atm ilmi-keepalive
interface Ethernet0
no ip address
interface GigabitEthernet0
no ip address
interface GigabitEthernet1
no ip address
interface GigabitEthernet2
no ip address
interface GigabitEthernet3
no ip address
xconnect 172.16.1.2 1 encapsulation l2tpv3 pw-class DZD
interface GigabitEthernet4
no ip address
interface GigabitEthernet5
no ip address
interface GigabitEthernet6
no ip address
interface GigabitEthernet7
no ip address
interface GigabitEthernet8
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface Wlan-GigabitEthernet8
no ip address
interface wlan-ap0
description Embedded Service module interface to manage the embedded AP
ip unnumbered Vlan1
interface Vlan1
ip address 10.97.2.29 255.255.255.0
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ipv6 address autoconfig
ppp authentication pap callin
ppp pap sent-username DSL_username password DSL_password
crypto map local
ip forward-protocol nd
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 130 permit ip host 172.16.1.1 host 172.16.1.2
dialer-list 1 protocol ip permit
c897#
1921:
crypto ikev2 keyring key1
peer 897_outside_ip_address
address 897_outside_ip_address
pre-shared-key key
crypto ikev2 profile default
match identity remote address 897_outside_ip_address 255.255.255.255
identity local address 1921_outside_ip_address
authentication remote pre-share
authentication local pre-share
keyring local key1
crypto ikev2 dpd 30 3 periodic
ip ssh version 2
lldp run
pseudowire-class ZRH
encapsulation l2tpv3
ip local interface Loopback1
ip pmtu
ip dfbit set
ip tos reflect
crypto ipsec transform-set default esp-aes esp-sha-hmac
mode tunnel
crypto ipsec df-bit set
crypto map local 1 ipsec-isakmp
set peer 897_outside_ip_address
set ikev2-profile default
match address 130
interface Loopback1
ip address 172.16.1.2 255.255.255.255
interface Embedded-Service-Engine0/0
no ip address
interface GigabitEthernet0/0
description WAN-ACC
ip address 1921_outside_ip_address 255.255.255.0
duplex auto
speed auto
crypto map local
interface GigabitEthernet0/1
description LAN-Trunk
no ip address
duplex auto
speed auto
xconnect 172.16.1.1 1 encapsulation l2tpv3 pw-class ZRH
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 default_gateway_of_1921
logging host 10.96.2.21
access-list 130 permit ip host 172.16.1.2 host 172.16.1.1
pnc01921#
Note - 1921 is connected to the Nexus 2248TP FEX, here is the config of the interface of the FEX:
pnc00001# sh run int e101/1/6
!Time: Thu May 1 06:15:02 2014
version 5.0(3)N2(2b)
interface Ethernet101/1/6
switchport access vlan 702
Now, IPsec tunnel comes up and does pass traffic - I can ping from one l1 another l1, below is the output from 897:
sh cry ike sa
IPv4 Crypto IKEv2 SA
Tunnel-id Local Remote fvrf/ivrf Status
1 897_outside_ip_address/500 1921_outside_ip_address/500 none/none READY
Encr: AES-CBC, keysize: 256, Hash: SHA512, DH Grp:5, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/76 sec
IPv6 Crypto IKEv2 SA
#sh cry ips sa
interface: Dialer1
Crypto map tag: local, local addr 897_outside_ip_address
protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.1.1/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (172.16.1.2/255.255.255.255/0/0)
current_peer 1921_outside_ip_address port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 7, #pkts encrypt: 7, #pkts digest: 7
#pkts decaps: 51, #pkts decrypt: 51, #pkts verify: 51
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 897_outside_ip_address, remote crypto endpt.: 1921_outside_ip_address
path mtu 1492, ip mtu 1492, ip mtu idb Dialer1
current outbound spi: 0x852BF1F2(2234249714)
PFS (Y/N): N, DH group: none
inbound esp sas:
spi: 0x5D9DFB1A(1570634522)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2, flow_id: Onboard VPN:2, sibling_flags 80000040, crypto map: local
sa timing: remaining key lifetime (k/sec): (4190855/3504)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE(ACTIVE)
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0x852BF1F2(2234249714)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 1, flow_id: Onboard VPN:1, sibling_flags 80000040, crypto map: local
sa timing: remaining key lifetime (k/sec): (4190863/3504)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE(ACTIVE)
#ping 172.16.1.2 sour l1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/24 ms
Now, L2 tunnel shows to be up on both ends as well (output from 897 here)
#sh xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Gi3(Ethernet) UP l2tp 172.16.1.2:1 UP
However, if you look at detailed output of l2tunn, you will see that the tunnel receives traffic from 1921, but does not send anything:
#sh l2tun tunnel all
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 3504576447 is up, remote id is 2898810219, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 00:19:34
Tunnel transport is IP (115)
Remote tunnel name is pnc01921
Internet Address 172.16.1.2, port 0
Local tunnel name is pnc0DRZD
Internet Address 172.16.1.1, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
0 packets sent, 763 received
0 bytes sent, 65693 received
Last clearing of counters never
Counters, ignoring last clear:
0 packets sent, 763 received
0 bytes sent, 65693 received
Control Ns 18, Nr 9
Local RWS 512 (default), Remote RWS 512 (max)
Control channel Congestion Control is disabled
Tunnel PMTU checking enabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 2
Total resends 0, ZLB ACKs sent 8
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
Mirrored situation on other side - 1921 sends packets, but nothing is received:
pnc01921#sh l2tun tunnel all
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 2898810219 is up, remote id is 3504576447, 1 active sessions
Remotely initiated tunnel
Tunnel state is established, time since change 00:21:15
Tunnel transport is IP (115)
Remote tunnel name is pnc0DRZD
Internet Address 172.16.1.1, port 0
Local tunnel name is pnc01921
Internet Address 172.16.1.2, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
815 packets sent, 0 received
69988 bytes sent, 0 received
Last clearing of counters never
Counters, ignoring last clear:
815 packets sent, 0 received
69988 bytes sent, 0 received
Control Ns 9, Nr 20
Local RWS 1024 (default), Remote RWS 512
Control channel Congestion Control is disabled
Tunnel PMTU checking enabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 1
Total resends 0, ZLB ACKs sent 18
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
There is a Windows box plugged into 897's G3 with IP address 10.97.2.25. I can ping from it 897's VLAN1 at 10.97.2.29. However I can't ping anything across the L2TPv3 tunnel. At the same time on that Windows box I can see broadcast traffic coming across the tunnel.
I give up. Anyone has some reasonable suggestion what might be wrong? I suspect that something is wrong at 897's side.
One last question - how can I create svi on 1921 and assign ip address from 10.97.2.0/24 network on it?Anybody? Opened ticket #630128425, no response from Cisco yet..
-
L2TPv3 tunnel up but pings are failing
Hi,
I have configured an L2TP tunnel between loopbacks on an ASR1004 and an ASR1001. The tunnel gets established, and even shows me some two-way traffic counters (they don't increment in line with ICMP requests so don't know if they represent my ping attempts per se).
When I generate ICMP traffic, I learn MAC addresses on both ends, including within the ARP tables on the hosts. However, the pings time out. I have attached a diagram and have pasted some show outputs below.
Any ideas or suggestions would be greatly appreciated, thanks!
Wlg-COR-02#show ver
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-UNIVERSAL-M), Version 15.1(1)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Mon 22-Nov-10 12:32 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2010 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
Wlg-COR-02 uptime is 2 weeks, 6 days, 14 hours, 59 minutes
Uptime for this control processor is 2 weeks, 6 days, 15 hours, 0 minutes
System returned to ROM by reload at 17:33:31 NZST Tue Aug 12 2014
System restarted at 00:22:39 NZDT Thu Oct 9 2014
System image file is "bootflash:/asr1001-universal.03.02.00.S.151-1.S.bin"
Last reload reason: PowerOn
License Info:
License UDI:
Device# PID SN UDI
*0 ASR1001 JAE15290CAP ASR1001:JAE15290CAP
License Package Information for Module:'asr1001'
Module name Image level Priority Configured Valid license
asr1001 adventerprise 1 NO adventerprise
advipservices 2 NO advipservices
ipbase 3 NO ipbase
Current License Level: advipservices
cisco ASR1001 (1RU) processor with 1217912K/6147K bytes of memory.
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7782399K bytes of eUSB flash at bootflash:.
Configuration register is 0x2102
Wlg-COR-02#show l2tun session all
L2TP Session Information Total tunnels 1 sessions 1
Session id 3769661188 is up, logical session id 65548, tunnel id 3529463940
Remote session id is 1878828549, remote tunnel id 1043662242
Remotely initiated session
Unique ID is 12
Session Layer 2 circuit, type is Ethernet Vlan, name is Port-channel2.532:532
Session vcid is 532
Circuit state is UP
Local circuit state is UP
Remote circuit state is UP
Call serial number is 2074100010
Remote tunnel name is Air-COR-01
Internet address is 210.48.12.100
Local tunnel name is Wlg-COR-02
Internet address is 210.48.12.105
IP protocol 115
Session is L2TP signaled
Session state is established, time since change 03:41:52
57 Packets sent, 48 received
8190 Bytes sent, 6645 received
Last clearing of counters never
Counters, ignoring last clear:
57 Packets sent, 48 received
8190 Bytes sent, 6645 received
Receive packets dropped:
out-of-order: 0
other: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
other: 0
total: 0
DF bit off, ToS reflect disabled, ToS value 0, TTL value 255
Sending UDP checksums are disabled
Received UDP checksums are verified
No session cookie information available
FS cached header information:
encap size = 24 bytes
45000014 00000000 ff73fe48 d2300c69
d2300c64 6ffca605
Sequencing is off
Conditional debugging is disabled
SSM switch id is 8197, SSM segment id is 8201
Wlg-COR-02#
Wlg-COR-02#
Wlg-COR-02#show run inter
Wlg-COR-02#show run interface Po2.532
Building configuration...
Current configuration : 123 bytes
interface Port-channel2.532
encapsulation dot1Q 532
xconnect 210.48.12.100 532 encapsulation l2tpv3 pw-class l2tp
end
Wlg-COR-02#
Wlg-COR-02#
Wlg-COR-02#show run | beg pseudowire
pseudowire-class mpls-ethernet
encapsulation mpls
interworking ethernet
pseudowire-class l2tp
encapsulation l2tpv3
ip local interface Loopback4770
Air-COR-01#show version
Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVIPSERVICESK9-M), Version 15.2(4)S4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Sun 01-Sep-13 09:53 by mcpre
IOS XE Version: 03.07.04.S
Cisco IOS-XE software, Copyright (c) 2005-2013 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
Air-COR-01 uptime is 35 weeks, 1 day, 15 hours, 26 minutes
Uptime for this control processor is 35 weeks, 1 day, 15 hours, 29 minutes
System returned to ROM by reload at 23:57:45 NZDT Mon Feb 24 2014
System restarted at 00:01:45 NZDT Tue Feb 25 2014
System image file is "bootflash:asr1000rp1-advipservicesk9.03.07.04.S.152-4.S4.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco ASR1004 (RP1) processor with 1688640K/6147K bytes of memory.
Processor board ID FOX1544G2KE
16 Gigabit Ethernet interfaces
4 Ten Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
937983K bytes of eUSB flash at bootflash:.
39004543K bytes of SATA hard disk at harddisk:.
Configuration register is 0x2102
Air-COR-01#show l2tun session all
L2TP Session Information Total tunnels 1 sessions 1
Session id 1878828549 is up, logical session id 42736, tunnel id 1043662242
Remote session id is 3769661188, remote tunnel id 3529463940
Locally initiated session
Unique ID is 0
Session Layer 2 circuit, type is Ethernet Vlan, name is Port-channel2.532:532
Session vcid is 532
Circuit state is UP
Local circuit state is UP
Remote circuit state is UP
Call serial number is 2074100010
Remote tunnel name is Wlg-COR-02
Internet address is 210.48.12.105
Local tunnel name is Air-COR-01
Internet address is 210.48.12.100
IP protocol 115
Session is L2TP signaled
Session state is established, time since change 03:47:28
48 Packets sent, 58 received
6645 Bytes sent, 8437 received
Last clearing of counters never
Counters, ignoring last clear:
48 Packets sent, 58 received
6645 Bytes sent, 8437 received
Receive packets dropped:
out-of-order: 0
other: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
other: 0
total: 0
DF bit off, ToS reflect disabled, ToS value 0, TTL value 255
Sending UDP checksums are disabled
Received UDP checksums are verified
No session cookie information available
FS cached header information:
encap size = 24 bytes
45000014 00000000 ff73fe48 d2300c64
d2300c69 e0b07704
Sequencing is off
Conditional debugging is disabled
SSM switch id is 14061, SSM segment id is 5875
%No active PPTP tunnels
Air-COR-01#
Air-COR-01#
Air-COR-01#
Air-COR-01#
Air-COR-01#show run int
Air-COR-01#show run interface Po2.532
Building configuration...
Current configuration : 123 bytes
interface Port-channel2.532
encapsulation dot1Q 532
xconnect 210.48.12.105 532 encapsulation l2tpv3 pw-class l2tp
end
Air-COR-01#
Air-COR-01#
Air-COR-01#show run | beg pseudowire
pseudowire-class l2tp
encapsulation l2tpv3
ip local interface Loopback4770
air-agg-1-1#show mac address-table vlan 532
Legend: * - primary entry
age - seconds since last seen
n/a - not available
S - secure entry
R - router's gateway mac address entry
D - Duplicate mac address entry
Displaying entries from DFC switch [1] linecard [1]:
vlan mac address type learn age ports
----+----+---------------+-------+-----+----------+-----------------------------
532 0050.569e.681d dynamic Yes 150 Po7
532 0050.5695.0f0c dynamic Yes 320 Po7
R 532 0008.e3ff.fc04 static No - Router
WLG-AGG-01#show mac address-table vlan 532
Mac Address Table
Vlan Mac Address Type Ports
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
532 0050.5695.0f0c DYNAMIC Po2
532 0050.569e.681d DYNAMIC Po4
Total Mac Addresses for this criterion: 22
WLG-AGG-01#What does your ACL statement look like for defining access from your Celerra_Replication network, to your GP_Celerra_Replication network?
Also, do you reference that ACL in your crypto map?
A sanitized config may help me help you
-Chris -
I am trying to install SLM as DISTRIBUTED SYSTEM. I have installed CENTRAL SERVICES INSTANCE on host 1 and DB instance on host 2.
and trying to install CENTRAL SERVICE on host 3.
CENTRAL SERVICES INSTANCE and DB instance install successfully.
I am getting this error message when installing CENTRAL SERVICE.
here is my sapinst_dev.log
=======================
Connect to message server (host/3900) failed: NIEHOST_UNKNOWN.
======================================================
here is my dev
=========================================================
trc file: "dev_ms", trc level: 1, release: "700"
[Thr 16384] Tue Feb 26 20:51:13 2008
[Thr 16384] MsSSetTrcLog: trc logging active, max size = 20971520 bytes
systemid 387 (Intel x86 with Linux)
relno 7000
patchlevel 0
patchno 110
intno 20050900
make: multithreaded, Unicode, optimized
pid 5846
[Thr 16384] ***LOG Q01=> MsSInit, MSStart (Msg Server 1 5846) [msxxserv_mt. 1824]
[Thr 16384] SigISetDefaultAction : default handling for signal 17
[Thr 16384] load acl file = /usr/sap/KGB/SYS/global/ms_acl_info
[Thr 16384] MsGetOwnIpAddr: my host addresses are :
[Thr 16384] 1 : [1XX.10.10.222] host1.mycompanyname.com (HOSTNAME)
[Thr 16384] 2 : [1XX.0.0.1] localhost.localdomain (LOCALHOST)
[Thr 16384] MsHttpInit: full qualified hostname = host1.mycompanyname.com
[Thr 16384] HTTP logging is switch off
[Thr 16384] set HTTP state to LISTEN
[Thr 16384] MsHttpOwnDomain: own domain[1] = host1.mycompanyname.com
[Thr 16384] ms/icf_info_server : deleted
[Thr 16384] *** I listen to internal port 3900 (3900) ***
[Thr 16384] *** HTTP port 8100 state LISTEN ***
[Thr 16384] CUSTOMER KEY: >T0444609119<
=========================================================
I have changed the hostname in all the file (1) hostname ,(2)/etc/sysconfig/network file . i even checked my hostname and it shows hostname as "HOST1" so i am confused even though hostname is "HOST1" but in dev_ms the IP ADRESS is resolving to "host1.mycompanyname.com"
3. Also when i am trying to run "startsap" or "stopsap" from host1 where central service instance is installed. It gives me "command not found" although i see all the exe file in /usr/sap/SID/SYS/exe/run. why my command not running.
. I have added the sapmsSID 3900/tcp entries in both HOST1 and HOST3 services file.Only that
When I grep on Error from the file I get
more sapinst_dev.log |grep error
Error number 8 error type SPECIFIC_CODE
Error number 211 error type SPECIFIC_CODE
pci_error_tolerance_time 1440 Default Immed
Registering Profile directory /usr/sap/MBA/SYS/profile for beeing one of the sources of additional files to be collected in case of errors
hth72231:mbaadm 25> more sapinst_dev.log | grep error |more
Error number 8 error type SPECIFIC_CODE
Error number 211 error type SPECIFIC_CODE
pci_error_tolerance_time 1440 Default Immed
Registering Profile directory /usr/sap/MBA/SYS/profile for beeing one of the sources of additional files to be collected in case of errors
Standard input: END
other
TRACE[E] 2014-06-25 10:08:17.327 [syuxcuser.cpp:2762]
CSyUserImpl_setOsInfos(iastring sName, iastring sID, tSyUserInfo& msUserNewinfo)
lib=syslib module=syslib
FSL-05014 Command '/usr/sbin/usermod' with parameters '-G "adm,bin,daemon,lp,mail,other,root,sys,users,sapinst" root' failed with return code 8: Login root
is currently in use
But that is not the issue -
Are L2TPv3 endpoints not supported to source from VRFs?
Hi,
I have a customer that needs to tunnel serial data from remote sites to a central site. This serial data is HDLC encapsulated and the remote site has a Cisco 1921 router with HWIC4A/S.
The central router is a Cisco 2951, also with HWIC4A/S.
This customer has several VPNs carried by a service provider through MPLS. One VPN is for operational traffic, one is for test traffic and so on.
They want to send the tunneled traffic through the operational VPN on the router doing tunneling through VRF lite. This does however not seem to be supported but I can't find any restrictions in the Cisco documentation.
Here is a working configuration:
pseudowire-class PW
encapsulation l2tpv3
sequencing transmit
protocol none
ip local interface loopback0
ip tos value 128
ip ttl 10
interface Loopback0
ip address x.x.x.x 255.255.255.255
interface Serial0/0/0
description ### redacted ###
no ip address
no keepalive
ignore dtr
clock rate 19200
no cdp enable
xconnect y.y.y.y 1001 encapsulation l2tpv3 manual pw-class PW
l2tp id 61001 101
redacted#show l2tun session all
Session id 61001 is up, logical session id 65668, tunnel id n/a
Remote session id is 101, remote tunnel id n/a
Locally initiated session
Unique ID is 24
Session Layer 2 circuit, type is HDLC, name is Serial0/0/0
Session vcid is 1001
Circuit state is UP
Local circuit state is UP
Remote circuit state is UP
Call serial number is 0
Remote tunnel name is
Internet address is y.y.y.y
Local tunnel name is
Internet address is x.x.x.x
IP protocol 115
Session is manually signaled
Session state is established, time since change 19:04:36
1087277 Packets sent, 0 received
21281118 Bytes sent, 0 received
Last clearing of counters never
Counters, ignoring last clear:
1087277 Packets sent, 0 received
21281118 Bytes sent, 0 received
Receive packets dropped:
out-of-order: 0
other: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
other: 0
total: 0
DF bit off, ToS reflect disabled, ToS value 128, TTL value 10
Sending UDP checksums are disabled
Received UDP checksums are verified
No session cookie information available
FS cached header information:
encap size = 28 bytes
45800014 00000000 0a738706 0a741822
0a74fbe7 00000065 00000000
Sequencing is on
Ns 1087268, Nr 0, 0 out of order packets received
Packets switched/dropped by secondary path: Tx 0, Rx 0
Conditional debugging is disabled
SSM switch id is 4226, SSM segment id is 12422
The traffic is unidirectional so it's expected to only have packets sent and not received. This works fine. However, if put the loopback in a VRF, the tunnel still comes up but no traffic is forwarded.
int loopback 0
ip vrf forwarding OPER
This would stop the traffic from passing through the tunnel. I suspect that the Cisco implementation of L2TPv3 is not VRF aware but have been unable to get any confirmation so far.
Has anyone else tried to deploy this when sourcing from a VRF?Hi All,
I could solve it myself. Thanks for the time.
The problem was I tried to navigate directly from the component ''BT125H_TASK' to the component 'CRMCMP_CMG', as I could not find any parent for BT125H_TASK earlier.
Now I could find its parent component which is 'BT110M_ACT'.
The outbound plug created in the task component has to be added to the component usage of 'BT110M_ACT' and the delegation should be done. The other things are the same. It works fine.
Regards
Vidhya -
L2tpv3 dialing from cisco router
I have requirement where customer wants ip dialing to LNS from cisco router with the help of l2tpv3.
Could anyone tell me how to configure this.
regards
shivlu jainHello Shivlu,
in one of our routers the backup link is configured in this way
pseudowire-class netvision-l2tp
encapsulation l2tpv2
interface Virtual-PPP1
description NETVISION DIALER
ip address negotiated
ip nat outside
ip virtual-reassembly
no cdp enable
ppp pap sent-username password 0 41003827
pseudowire x.x.x.x 2 pw-class netvision-l2tp
crypto map VPN_MAP
where x.x.x.x is a public ip address
ip route x.x.x.x 255.255.255.255 g0/1
completes this solution where this g0/1
sh run int gi0/1
Building configuration...
Current configuration : 157 bytes
interface GigabitEthernet0/1
description CONNECTION TO CABLE MODEM
ip address dhcp
ip virtual-reassembly
duplex auto
speed auto
media-type rj45
end
and it receives a private ip address from DHCP on a cable modem access network.
but it uses l2tpv2 not L2tpv3 and I've always seen l2tpv2 in this context.
Hope to help
Giuseppe -
Migrating from Brocade 2800/ 3900 to Cisco MDS 9509
What is the best procedure from migrating from Brocade 2800/3900/12000 to Cisco MDS 9509 especially connected to HP-UX and AIX server.
Without any Downtime I should be able to migrate these servers.
I thought about these options:
1. Use vgexport and vgimport or exportvg and importvg (AIX) after connecting to Cisco MDS. But this requires complete downtime on the application.
2. Take one path down or HBA down and switch the cable and vgextend the devices.
Please let me know if somebody has procedure.
I was successful in HP-UX server using the second options but I cant see all the LUNs. That might be array specific problem also.
If anybody has detailed procedure on migrating this scenario. please let me know.
We are using Persistent FCIDs on our MDS switches.
Thanks in AdvanceAfter connecting 1 cable from server HBA to Cisco S/w, why you are not able to see all LUNs, did you cross-check that...I mean HBA Configuration (max 256 LUNs) or Disk Array library driver to be installed on host side.if that can be sorted out, you can mirror the volumes across the disk arrays.are you using HDS Arrays? I don't know but what is vgextend command you are mentioning...
also did you take a reboot of server or is it online addition on new LUNs...
Also any how if you are not able to see all LUNs that is going to be an issue later as well for migration...pls cross-check that... -
I have created L2TPv3 tunnel between two routers. Now i don't know that the tunnel is up or down. I have run the command but it is giving the following output:
R2#show l2tp tunnel
%No active L2TP tunnels
Can anyone tell me how can we check L2TPv3 tunnel is up or down?
Is there any show command or debug command to check the status of tunnel?
Regards,
Mukesh Kumar
Network Engineer
Spooster IT ServicesMukesh,
The only problem I can see is that you have VLAN 5 on the subinterface, but not on the main interface, this means that the traffic might not get to the other end due to the Dot1q encapsulation. If you were to set both to the same dot1q tag it should come up.
Regards,
Alex Sanchez
CCIE R&S #37454 -
When trying to install an extra dialog instance to our BW environment in the second step when giving the profile parameter after reading the profiles it comes with the message:
An exception occurred while connecting to the message server instance MBA/DVEBMGS00 on host pdirmba1, port 3900. DIAGNOSIS: The original exception was: wapsmod.ms.MsAttachFailed: Connect to message server (pdirmba1/3900) failed: MSENILAYER.. SOLUTION: Make sure that the message server is started.
Message server is started as CI and second DI are already running.
HP-UX, Oralce11.
Did set the temp directory and SAPINST_USE_HOSTNAME parameter into the environment of root.
already tried niping from di to ci on the port and thats working okOnly that
When I grep on Error from the file I get
more sapinst_dev.log |grep error
Error number 8 error type SPECIFIC_CODE
Error number 211 error type SPECIFIC_CODE
pci_error_tolerance_time 1440 Default Immed
Registering Profile directory /usr/sap/MBA/SYS/profile for beeing one of the sources of additional files to be collected in case of errors
hth72231:mbaadm 25> more sapinst_dev.log | grep error |more
Error number 8 error type SPECIFIC_CODE
Error number 211 error type SPECIFIC_CODE
pci_error_tolerance_time 1440 Default Immed
Registering Profile directory /usr/sap/MBA/SYS/profile for beeing one of the sources of additional files to be collected in case of errors
Standard input: END
other
TRACE[E] 2014-06-25 10:08:17.327 [syuxcuser.cpp:2762]
CSyUserImpl_setOsInfos(iastring sName, iastring sID, tSyUserInfo& msUserNewinfo)
lib=syslib module=syslib
FSL-05014 Command '/usr/sbin/usermod' with parameters '-G "adm,bin,daemon,lp,mail,other,root,sys,users,sapinst" root' failed with return code 8: Login root
is currently in use
But that is not the issue -
Error 9672 when trying to "re-add" HP Deskjet 3900 printer
Hi, I've seen the discussion about the Error 9672. But the answers don't really help. I get the same errormessage when trying to re-add the HP 3900 deskjet printer that I had to delete because it was not working properly. Now I just can't add it again... I can find it as an available Bonjour printer. But what can I do next? I haven't really been able to find out if this is a commonly known Apple bug, or if it is a bug that HP should be working to fix. Can anyone help? The printer works fine when connected directly via USB by the way.
iBook G4 12" Mac OS X (10.4.8)I found the same thing out yesterday and did the same solution.
One issue should be noted. The quality of the print is much worse since we are not using the correct print driver. Works fine for standard unimportant text printing, but really can't be used for printing photos.
Connect the printer directly to the computer USB and print a photograph using the real print driver, then connect wirelessly using the above method and print the same photo. The difference is dramatic.
It also seems to overuse black ink when hooked up through the Airport, and the printer light blinks for a while after printing is done.
Anyway, I plan on leaving it hooked up wirelessly for convenience sake, but when good quality is needed I will attach it directly to the USB port.
You can verify my findings and let others know if you find the same thing I found.
Good luck, and lets hope there are more compatible printers available in the future. -
I have note book with windows 7 64 bit OS. It can't work properly to HP Deskjet 3900 printer.
I need HP deskjet 3900 driver for my windows 7 64 bit in note book... plzHi daydoank,
I understand you have a Deskjet 3900 series that you'd like to install with Windows 7 and are looking for an HP driver to do so. I will do my best to explain what you'll need to do
There is not a driver for Windows 7 for this series printer. To install the printer you would want to follow this Installing the Printer Software in Windows 7 for a USB Cable Connection document, and then you can use the printer with the Windows built in driver.
Hope this helps, have a great day!
Please click “Accept as Solution ” if you feel my post resolved your issue, as it will help others find the solution faster
Click the “Kudos Thumbs Up" on the right to say “Thanks” for helping!
**MissTeriLynn**
I work on behalf of HP
Maybe you are looking for
-
My monitor is an HP w1907. It suddenly goes dark.
If i turn it off and back on it goes dark again. If I wait for say 1 hour it comes back on for a while. Is this failing and should be replaced?
-
Turning off the dictionary when texting sms
Is this possible? I know that this is something that other mobile brands would love having it but i do not want it because i want to write my own way to my friends and this cannot be done very quickly with the dictionary stopping me at every word.
-
Hello Folks, I'm going to install UCCX 8.0 in a test lab and I'm wondering what hardware other are using? I'm presuming that it needs ESXi4.0? Do you have to use the full production specification of 2 x vCPU and 4GB RAM? Or can you cut down the res
-
Oracle Forms Builder 10g release 2 documentation?
I'm trying to locate a book about Oracle Forms Builder 10g release 2. I'm needing a beginner's guide. I've seen the advanced techniques one, but I can't seem to find one for someone that is just starting out. Does anyone have any suggestions?
-
How to configure rediff mail on Iphone 4. I have configured it but it's not connecting & showing an error POP is not connected to network